You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2007/12/14 11:53:43 UTC
[jira] Resolved: (RAMPART-122) /sp:EncryptedParts/sp:Header needs
qualified attribute names
[ https://issues.apache.org/jira/browse/RAMPART-122?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nandana Mihindukulasooriya resolved RAMPART-122.
------------------------------------------------
Resolution: Fixed
This is fixed in the trunk in the revision r590597.
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/EncryptedPartsBuilder.java?view=diff&r1=588561&r2=590597&pathrev=590597
> /sp:EncryptedParts/sp:Header needs qualified attribute names
> ------------------------------------------------------------
>
> Key: RAMPART-122
> URL: https://issues.apache.org/jira/browse/RAMPART-122
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.3
> Reporter: Kent Tong
>
> The following policy assertion will cause rampart to throw a NullPointerException:
> <sp:EncryptedParts>
> <sp:Header Name="Signature" Namespace="http://www.w3.org/2000/09/xmldsig#" />
> </sp:EncryptedParts>
> The offending line is shown below:
> public class EncryptedPartsBuilder implements AssertionBuilder {
> ...
> private void processElement(OMElement element, SignedEncryptedParts parent) {
>
> QName name = element.getQName();
>
> if (HEADER.equals(name)) {
> Header header = new Header();
>
> OMAttribute nameAttribute = element.getAttribute(NAME);
> if( nameAttribute != null ) {
> header.setName(nameAttribute.getAttributeValue());
> }
>
> OMAttribute namespaceAttribute = element.getAttribute(NAMESPACE);
> header.setNamespace(namespaceAttribute.getAttributeValue()); <====== THIS LINE FAILS
>
> } else if (BODY.equals(name)) {
> parent.setBody(true);
> }
> }
> }
> It works if the policy assertion is changed to quality the attribute names:
> <sp:EncryptedParts>
> <sp:Header sp:Name="Signature" sp:Namespace="http://www.w3.org/2000/09/xmldsig#" />
> </sp:EncryptedParts>
> However, this is against the WS-SecurityPolicy spec at http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html#_Toc161826515
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.